Security engineer Taylor Hornby adds Monero to audit queue after Zcash bug discovery


Taylor Hornby, the security engineer who discovered a vulnerability that could have allowed unlimited counterfeiting of ZEC tokens, has announced plans to audit Monero and other privacy-focused cryptocurrencies.

Hornby found the flaw in Zcash’s Orchard shielded pool on May 29, using Anthropic’s Claude Opus 4.8 AI model to assist his review. The bug had been sitting there, undetected, since the Orchard pool’s activation in May 2022. That’s four years of a live vulnerability that could have been used to mint fake ZEC indistinguishable from the real thing.

What happened with Zcash

Hornby was engaged by Shielded Labs in April 2026 specifically to conduct protocol audits. Within a matter of days after beginning his AI-assisted examination, he identified the critical flaw in the zero-knowledge proof system underpinning Zcash’s most private transaction pool.

He reported the vulnerability to the Zcash Open Development Lab (ZODL), which moved quickly. An emergency soft fork was completed by June 1, and a full network upgrade, dubbed NU6.2, was implemented the following day on June 2.

ZEC holders were less fortunate on the price front. The token fell by at least 38% following the disclosure, as traders tried to price in the uncomfortable possibility that the bug had already been exploited. Given the privacy-preserving nature of the Orchard pool, there’s no straightforward way to rule that out.

Hornby explained his decision to report rather than exploit the vulnerability in notably personal terms, saying the Zcash developers were “like family.”

AI-assisted auditing enters the conversation

The use of Anthropic’s Claude Opus 4.8 in uncovering this bug is arguably as significant as the bug itself. Hornby’s ability to identify the flaw within days of starting his review suggests that AI-assisted auditing could become a standard practice for privacy-focused protocols.

What this means for Monero and privacy coin investors

Hornby’s decision to add Monero to his audit queue carries significant implications. Monero uses a fundamentally different privacy architecture than Zcash, relying on ring signatures, stealth addresses, and RingCT rather than zero-knowledge proofs. A vulnerability in one doesn’t imply a vulnerability in the other.

Privacy coins operate on a trust model where users cannot independently verify total supply integrity. If a counterfeiting bug exists in Monero’s protocol, the same opacity that protects user privacy would also conceal the exploitation.

The Zcash incident demonstrated that a single vulnerability disclosure can erase more than a third of a token’s value overnight. As Hornby extends his audits to other privacy coins, holders should prepare for the possibility that similar discoveries could trigger comparable sell-offs, even if the bugs turn out to have never been exploited.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
